Configuring user authorization

Yii has two methods to authorize users: ACF and RBAC.

The first one, ACF, is used in applications that require a minimal and simple access control. Basically, its behavior is based on five parameters:

  • allow: This parameter specifies whether this is an allow or deny rule; possible values are allow or deny
  • actions: This parameter specifies which actions this rule matches, and they are declared using an array of string
  • roles: This parameter specifies which user roles this rule matches; possible values are ?' and @, which mean respectively guest user and authenticated user
  • ips: This parameter specifies which client IP address this rule matches; the IP address that can contain * as a wildcard
  • verbs: This parameter specifies ...

Get Yii2 By Example now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial